Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:34 a.m.9 views

CVE-2024-13372

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid and getallresumefiles functions due to missing validation on a us...

5.3CVSS6.8AI score0.00412EPSS
Exploits0References1
OSV
OSV
added 2025/02/01 8:15 a.m.2 views

CVE-2024-13372

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid and getallresumefiles functions due to missing validation on a us...

5.3CVSS5.8AI score0.00412EPSS
Exploits0References2
CVE
CVE
added 2025/02/01 7:21 a.m.61 views

CVE-2024-13372

CVE-2024-13372 affects WordPress WP Job Portal (plugin) up to version 2.2.6. Root cause: missing validation on a user-controlled key in getresumefiledownloadbyid() and getallresumefiles(), enabling unauthenticated download of user resumes (Insecure Direct Object Reference). Exploitation context i...

5.3CVSS5.2AI score0.00412EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/01 7:21 a.m.7 views

CVE-2024-13372 WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Arbitrary Resume Download

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid and getallresumefiles functions due to missing validation on a us...

5.3CVSS5.2AI score0.00412EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/01 7:21 a.m.25 views

CVE-2024-13372 WP Job Portal <= 2.2.6 - Insecure Direct Object Reference to Unauthenticated Arbitrary Resume Download

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.6 via the getresumefiledownloadbyid and getallresumefiles functions due to missing validation on a us...

5.3CVSS0.00412EPSS
Exploits0References2
Rows per page
Query Builder